PayPal MCP Server
Installation Guide

Comprehensive guide for setting up the PayPal Model Context Protocol server

v2.4.1
Production Ready
Node.js 16+

Overview

This guide provides detailed instructions for AI agents to assist with installing and configuring the PayPal MCP (Model Context Protocol) server. The MCP server enables secure integration between AI models and PayPal's payment services.

Key Features

  • Type-safe PayPal API integration
  • Secure credential management
  • Comprehensive error handling
  • Cross-platform configuration

Requirements

  • Node.js 16.x or later
  • TypeScript 5.0+
  • PayPal developer account
  • MCP SDK

Est. Setup Time

  • Basic setup: 10-15 mins
  • Full configuration: 30 mins
  • Testing/debugging: 15-30 mins

Repository Structure 

paypal-server/
├── src/
│   └── index.ts          # Main server implementation
├── .github/
│   └── workflows/
│       └── ci.yml        # GitHub Actions workflow
├── package.json          # Node.js dependencies and scripts
├── tsconfig.json         # TypeScript configuration
├── README.md             # General documentation
├── LICENSE               # MIT license
└── .gitignore           # Git ignore rules

Key Files

  • index.ts - Main server implementation
  • ci.yml - CI/CD pipeline configuration
  • package.json - Dependencies and scripts

Notes

  • All source files are in src/
  • GitHub Actions handles automated testing
  • TypeScript configuration must be valid

Installation Steps

1

Project Setup

Initialize the project directory and install required dependencies.

# Create project directory
mkdir paypal-server
cd paypal-server

# Initialize Node.js project
npm init -y

# Install dependencies
npm install @modelcontextprotocol/sdk axios typescript @types/node

Ensure Node.js version 16 or higher is installed before proceeding.

2

TypeScript Configuration

Configure TypeScript for ES modules and strict type checking.

3

Environment Configuration

Guide users through setting up PayPal credentials:

1. Developer Dashboard

Direct to developer.paypal.com

2. Create API App

Guide through REST API setup

3. Secure Storage

Help store Client ID/Secret

MCP Configuration

Settings File Locations

Windows
%APPDATA%/Windsurf/User/globalStorage/.../cline_mcp_settings.json
macOS
~/Library/Application Support/Claude/..._config.json
Linux
~/.config/claude/settings.json

Configuration Template

{
  "mcpServers": {
    "paypal": {
      "command": "node",
      "args": ["path/to/paypal-server/build/index.js"],
      "env": {
        "PAYPAL_CLIENT_ID": "your_client_id",
        "PAYPAL_CLIENT_SECRET": "your_client_secret"
      },
      "disabled": false,
      "autoApprove": []
    }
  }
}

Important Security Note

Never commit these configuration files with real credentials. Use environment variables in production.

Validation Steps

TypeScript Checks

  • Verify TypeScript compilation succeeds
  • Check all API endpoints are properly typed

Error Handling

  • Implement interface checks for parameters
  • Handle network and API failures gracefully

Common Issues

Type Safety

  • Always use proper type validation for PayPal API responses
  • Implement interface checks for all input parameters

Authentication

  • Handle token expiration and refresh cycles
  • Validate credentials before making API calls

Error Handling

  • Implement specific error types for different scenarios
  • Provide clear, actionable error messages

Testing Instructions

Credential Verification

const result = await mcpClient.useTool('paypal', 'create_order', {
  intent: 'CAPTURE',
  purchase_units: [{
    amount: {
      currency_code: 'USD',
      value: '1.00'
    }
  }]
});

Error Handling Test

// Test invalid credentials
const result = await mcpClient.useTool('paypal', 'create_order', {
  // Invalid parameters to test error handling
});

Security Best Practices

Credential Protection

Never store credentials in source code. Use environment variables for sensitive data.

Input Validation

Validate all input parameters before processing to prevent injection attacks.

Secure Communications

Use HTTPS for all API calls to encrypt data in transit.

Error Handling

Never expose sensitive information in error messages.

Additional Resources

Made with DeepSite LogoDeepSite - 🧬 Remix